Basic wireless Concepts and

Configuration

Chapter 7

Orginizations

• ITU-R

– Regulates RF bands

• IEEE

– Regulates how RF is modulated

• Wi-Fi

– Non-profit

– Ensures vendor interoperability

802.11

• 802.11n – Released October 2009

Modulation

• DSSS

– Direct Sequence Spread Spectrum

– 802.11b + 802.11g

– Simpler than OFDM

• OFDM

– Orthogonal Frequency Division Multiplexing

– 802.11a + 802.11g

• MIMO

– Multi input Multi output

– 802.11n

Components

• Wireless NIC

– Connects to an Access point

• Access point

– Connects wireless Clients to a LAN

– Acts like a hub

– RF is a shared media

CSMA/CA

• Carrier Sence Multiple Access / CollisionAvoidance

• Coordinates who can send traffic

• RTS + CTS

– Request To Send

– Clear To Send

– Negotiation between AP and client about when to send

– Helps with Hidden node problems

Channels

Configuration parameters

• Mode

– WLAN protocols: 802.11a,b,g,n

– Mixed mode: 802.11b+g

• SSID

– Shared Service Set Identifier

– Identification of wireless networks

– Broadcast or hidden

• Channel

– Use non-overlapping channels:

Topologies

• Ad hoc– IBSS: Idependent Basic Service Set

– Client to Client

• Infrastructure mode– Single AP

• BSS: Basic Service Set

• Coverage area: BSA – Basic Service Area

– Multiple AP’s with the same SSID• ESS: Extended Service Set

• Coverage Area: ESA – Extended Service Area

• BSSID: The Mac address of the AP is used to differentiatebetween them

• 10 – 15 % overlap in AP coverage, non-overlapping channels

Association

Beacon: Used by an AP to announce SSIDs

AID: Equivlen to a switch port

Authentication

• Open authentication

– No authentication

• Shared key

– WEP: Wired Equivalency Protection

– Not recommended

Design

• Position access points above obstructions.

• Position access points vertically near the ceiling in

the center of each coverage area, if possible.

• Position access points in locations where users are

expected to be.

• Use non-overlapping channels

• 10-15% overlap in coverage area

• AP power settings towards outside walls

Threats

• War drivers

– People who use open networks

• Hackers(Crackers)

– People who crack WEP keys

• Rouge Access points

– Unathorized Aps

– Usually installed by users

• MITM

– Man in the Middle

– Attacker inserts himself between the target and

the gateway

– Mitigation:

• IPS: Intrusion Prevention system

– Identifies abnormal traffic

• Authentication of users

• DoS

– Denial of Service

– Flooding of CTS

– Massive amounts of disassiociate commands

Security protocols

Mac address filtering and SSID cloaking is not considered secure by them

selves

EAP• Extensible Authentication protocol

– Blocks all traffic, except Eap until successful

authentication

Encryption• TKIP

– Temporal Key Intergrity Protocol

– WPA

– Encrypts layer 2 payload

– Integrity check

• AES

– Advanced Encryption Standard

– WPA2

– Adds to the functionality of TKIP

• Sequence numbers

• Detection of nonencrypted data